Are there any maintained whitelists of "direct access" HA IoT hardware? I.e. hardware I can either directly access from HA, or firmware flash and do so?
This feels like linux compatibility back in the 90s. Hypothetically, you could make many things work. Practically and sanely, you (as an end user interested in getting work done) should stick to paved roads that permit shorter stacks.
Not directly Home Assistant but tangentially related is ESPHome[0] which is all about making those custom chips with custom hardware and sensors and integrating them into HA later. They also have guides on flashing firmware of some brand-devices (since those devices are also running these same open-source dev boards).
This, so very much. That project is amazing. It feels very close to the metal and is very satisfying to do, whilst also being pretty straight-forward for a beginner.
And you can go completely custom using the Arduino IDE and anything compatible (Arduino boards and ESP32 or ESP8266s) and link them in to HA via MQTT, which works surprisingly well.
I've focused on IoT-devices that uses the ZigBee-protocol, which can be integrated directly (trough a ZigBee controller of your choice, like deConz) into HA without the need of any proprietary hubs. Luckily IKEAs IoT-devices (primarily lights, controllers and switches) use the ZigBee-protocol and are decently priced. I have also used cheap environmental sensors[0] from China that supports ZigBee. I really like the idea of only using components with an open protocol and being able to isolate my IoT-setup to my local network. Everything would still work if I lost my internet connection and no data is leaving my house.
https://templates.blakadder.com/ lists things that can be flashed with Tasmota. So it's not a full list of everything with a direct API, but it's a list that is already contains basically every type of device. And once you re-flash the thing it's fully yours, no need to worry about who your device data is getting shared with, no apps that vacuum up your contacts, and no risk of the mfg pushing an update that breaks your setup.
I can give you two at least: TP-Link's Kasa line and Broadlink devices (IR blasters/etc). Now both try to hit their respective clouds, but they have local APIs and if you firewall them off from the internet they work fine locally.
In fact, I just debugged and found a workaround for the Broadlinks rebooting every 3 minutes as their cloud connectivity watchdog timer expired, and now they're rock solid (not released in HA but it will be soon).
I use a TI CC2531 with the zigbee2mqtt firmware and HA add-on: https://www.zigbee2mqtt.io
This gives you "direct access" to a long list of Zigbee hardware (eg. IKEA Tradfri, Xioami Aquara) without a separate hub.
LIFX has a documented LAN-only protocol which doesn't require their cloud or any kind of authentication. Their own app and account system is only required upon first setup and I bet even that could be reverse-engineered.
This feels like linux compatibility back in the 90s. Hypothetically, you could make many things work. Practically and sanely, you (as an end user interested in getting work done) should stick to paved roads that permit shorter stacks.